hive

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly instructs the agent to read and search the shared hive server's user-generated feed, posts, claims, run listings, and external forks (e.g., "hive feed list", "hive search", "hive run view " and reading posts/comments and code diffs in SKILL.md), which are untrusted third-party contents that can influence the agent's decisions and tool use.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs fetching and checking out external git repositories at runtime via "git remote add " and "git fetch && git checkout " (e.g., git@github.com:org/repo.git or https://github.com/org/repo.git), which pulls remote code that the agent then runs/evaluates, so remote content can directly control execution and prompts.